IT Compliance

Policy Management | AntiSpam

What is IT Compliance?

IT Compliance describes, among other things, compliance with applicable laws and legal norms that regulate, for example, the handling of customer data. The new EU General Data Protection Regulation (GDPR) is a prominent and much discussed example. Companies are required to establish processes that ensure compliance with these laws, for example by restricting access to sensitive data or early warning systems for hacker attacks. Compliance management is also required to comply with certain industry standards, such as PCI DSS for processing credit card information.

But compliance policies are not only important for regulatory requirements - they also help prevent valuable corporate data from falling into the wrong hands, protecting against industrial espionage and other financial risks. Internal requirements are therefore laid down in compliance guidelines, from e-mail communication to the handling of passwords, cloud storage and much more.

20

or 4% of annual turnover - whichever is higher - are the fines that can be imposed under GDPR for breaches of data protection.

(Source: Art. 83 EU-DSGVO)

Why is IT Compliance important?

Compliance is often perceived as an issue that only plays a role in larger companies - but SMEs are also affected by legal requirements, industry standards and norms that have to be complied with.

IT compliance guidelines, such as the new EU General Data Protection Regulation, not only help to avoid fines and claims for damages, they also protect against damage to the company's image - for example through data protection scandals - and the resulting loss of customers or disadvantages when public contracts are being awarded.

Last but not least, compliance enables the correct operation of IT, which increases security and is indispensable in times of increasing cyber attacks. In this way, dangers such as industrial espionage from outside or inside can be averted and economic success can be secured in the long term. At the same time, the company's value increases if compliance with certain standards enables it to enter new business areas and markets.

G DATA Policy Management

Implement your IT compliance policies

The easily configurable G DATA Policy Management provides you with a comprehensive tool to effectively implement and enforce your company policies. A complete Active Directory connection enables you to easily adopt the existing group structures - all conveniently via the central management console.

Prevent your employees from using USB sticks or other external drives on company computers. For example, you can protect your network from USB sticks containing malware that have been distributed by attackers in the company car park. Additionally prevent sensitive company data being copied from endpoints that are deliberately isolated from the network.

Specify which applications your employees are allowed to install or run on company computers. In this way, you can prevent, for example, information from being sent out of the network unnoticed via Instant Messenger.

Block individual web pages or set the internet usage time for individual users and groups to ensure employee productivity and endpoint security.

The age of digitalisation has given rise to standards and guidelines for each economic segment. In order to efficiently implement the IT security measures prescribed by standards such as GDPR, PCI-DSS or BSI, a holistic security solution is therefore essential.

Dragomir Vatkov, Head of Product Management (G DATA Software AG)

G DATA AntiSpam

55

of all e-mails sent worldwide in 2017 were spam.

(Source: Statista)

More productivity and security

Maintain employee productivity: The anti-spam module of G DATA's security solutions effectively prevents your employees from being interrupted from work by unwanted e-mails. Add-ons for Microsoft Outlook as well as for POP3 and IMAP accounts enable seamless integration into your IT infrastructure.

Supplementary modules

Comprehensive solutions for your compliance

As part of G DATA's layered security concept, Policy Management and AntiSpam are just two basic building blocks that support you in implementing your individual compliance policies. We have developed the comprehensive module G DATA Mobile Device Management for you so that you can also integrate your employee's mobile devices compliantly into your network ("Bring Your Own Device" or "BYOD").

To keep track of network traffic and identify hardware failures and potential attacks at an early stage, you should monitor your network with a suitable tool. With G DATA Network Monitoring you have a permanent overview of your entire network from the CPU utilization of your servers to the status of your routers and switches.